The European Commission is proposing to build a Joint Cyber Unit, for an European Union coordinated response to large-scale cyber incidents. It’s proposed to ‘operationalise’ the unit by the end of 2022. Besides resilience of cyber networks, and the EU’s policing agency Europol, the unit would touch on defence and diplomacy.
The European Union Agency for Cybersecurity, ENISA, will serve as secretariat for the preparing of the Unit, which will operate close to their Brussels offices and the office of CERT-EU, the Computer Emergency Response Team. At ENISA, Juhan Lepassaar, Executive Director said: “The EU Agency for Cybersecurity is committed to support the Union and its Member States in the response to cyberattacks. The Joint Cyber Unit will build stronger relationships within the cybersecurity ecosystem and shape an effective framework for crisis management. Our future local office in Brussels will operate closely with the Unit to coordinate response, create situational awareness and ensure preparedness in times of crisis.”
Comment
Jens Monrad, Director, EMEA, Mandiant Threat Intelligence welcomed the political attention that cyber attacks are getting. “However, it remains to be seen how effective it will be when it comes to a joint task force deploying response teams across the EU. Today, many EU countries still control their national security, and even within agreed EU treaties, there are exempts on law enforcement collaboration.
“There should be an even stronger focus on private-government collaboration, similar to what we have observed in the United States. The rapidly evolving cyber threats and the future threat landscape calls for a more vital private-government partnership where information on threats can be shared and communicated effectively across EU member states.
“When we look at the current cyber threat landscape, it is genuinely borderless and a global challenge. There is certainly a need for more political involvement to address the fact that some of the most impactful cyber threats like ransomware still seem to operate with impunity from countries that appear to offer a degree of safe harbouring as long as the cybercriminals do not target their own country or region.”